I have a daemon which listens to a socket in /var/run. I start the daemon using an init script (as root, obviously), and I'm using the twistd --uid and --gid options to drop privileges to an unprivileged user. The socket, however, is still owned by root:root.
A second daemon, which runs as the same unprivileged user, needs to have access to the socket. I now change the socket ownership to daemon:daemon in the init script, but this doesn't strike me as a very elegant solution.
Is there a way to make the socket owned by daemon:daemon in the tac file?
No, currently there isn't.
It's an open issue in Twisted; it's also the case with PID and log files.
See blog describing the issue, and open issues:
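The workaround from the question (hand the socket to the unprivileged user while still root), as an added example that is not part of the original question or answer and is not Twisted code. It uses only the Python standard library and also checks the resulting owner and mode. The function names are hypothetical, and the demo uses the current effective user so it runs without root.

```python
import os
import socket
import stat
import tempfile


def bind_owned_socket(path, uid, gid, mode=0o660):
    """Bind a Unix socket and hand it to uid:gid before privileges are dropped."""
    if os.path.lexists(path):
        # Only remove a stale socket, never an arbitrary file.
        if not stat.S_ISSOCK(os.lstat(path).st_mode):
            raise RuntimeError(f"{path} exists and is not a socket")
        os.unlink(path)
    old_umask = os.umask(0o177)  # created 0600, never briefly world-accessible
    try:
        sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        sock.bind(path)
    finally:
        os.umask(old_umask)
    os.chown(path, uid, gid)  # needs root unless uid/gid are already ours
    os.chmod(path, mode)
    sock.listen(5)
    return sock


def audit_socket(path, uid, gid, max_mode=0o660):
    """Return a list of findings; an empty list means the socket is as expected."""
    st = os.lstat(path)
    if not stat.S_ISSOCK(st.st_mode):
        return [f"{path} is not a socket"]
    findings = []
    if (st.st_uid, st.st_gid) != (uid, gid):
        findings.append(f"owner is {st.st_uid}:{st.st_gid}, expected {uid}:{gid}")
    extra = stat.S_IMODE(st.st_mode) & ~max_mode
    if extra:
        findings.append(f"mode grants extra bits {extra:o}")
    return findings


def demo():
    # Constructed demo: current effective user and a temporary directory.
    uid, gid = os.geteuid(), os.getegid()
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "daemon.sock")
        sock = bind_owned_socket(path, uid, gid)
        clean = audit_socket(path, uid, gid)
        os.chmod(path, 0o666)  # simulate an over-permissive socket
        loose = audit_socket(path, uid, gid)
        sock.close()
    return clean, loose
```
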